NIST seeks cybersecurity input

Tech brief: Agency issues a draft of Special Publication 800-39 for public comment

By GCN Staff

Nov 16, 2007

The National Institute of Standards and Technology has issued a draft of Special Publication 800-39, 'Managing Risk from Information Systems: An Organizational Perspective,' for public comment. Intended for individuals ranging from agency leaders to systems administrators, NIST's new guide outlines a top-level process for building and implementing a technically sound and effective information security program within an organization.

It ties together various NIST computer security documents and, when finalized, will become the flagship in a series of NIST documents related to the Federal Information Security Management Act. The draft document is available here.